Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Buchu70 (administrator) on BUCHU70-PC on 17-06-2015 22:10:16
Running from G:\Desktop Drives\_NEW FILES_
Loaded Profiles: Buchu70 (Available Profiles: Buchu70 & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) D:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) D:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Epic Privacy Browser) C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
() C:\Program Files (x86)\DFX\DFX.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Microsoft Corporation) D:\Program Files\Windows Media Player\wmpnetwk.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [reminder] => C:\Program Files\TOSHIBA\TFMU\reminder.exe [657792 2009-10-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => d:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-07-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [DFX] => c:\Program Files (x86)\DFX\DFX.exe [1271768 2014-09-24] ()
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2015-05-10] (Epic Privacy Browser)
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\MountPoints2: {e5508088-3a9d-11e4-82f0-00231839d94e} - F:\iLinker.exe
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BootExecute: autocheck autochk * ᔃﷷ߾샠ү
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
SearchScopes: HKLM -> DefaultScope {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - d:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.facebook.com/index.php?lh=Ac_EL2AjWLVJDZQv|https://www.google.com/ncr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "type", 0
FF Plugin: @mcafee.com/MSC,version=10 -> d:\PROGRA~3\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> d:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MVT -> d:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> d:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Buchu70\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: d:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Buchu70\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\searchplugins\bingp.xml [2014-11-09]
FF Extension: Ads Removal - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\adremoveext@adremoveext.net [2014-08-20]
FF Extension: EPUBReader - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-23]
FF Extension: Translate This! - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-05-23]
FF Extension: Zoom Page - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\zoompage@DW-dev.xpi [2015-05-23]
FF Extension: Hotspot Shield Helper (Please allow this installation) - d:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2015-05-23]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - d:\Program Files (x86)\McAfee\SiteAdvisor [2015-06-17]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - d:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - d:\Program Files\McAfee\MSK [2015-06-17]
FF Extension: No Name - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-10]
CHR Extension: (Radio) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-11-10]
CHR Extension: (Google Docs) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-10]
CHR Extension: (Google Drive) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (World Clocks) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbpkeenmblnjdalaijgmkpmikifnegoh [2014-11-10]
CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-11-18]
CHR Extension: (YouTube) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Polarr Photo Editor 2) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2015-02-25]
CHR Extension: (Stitcher) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2014-11-10]
CHR Extension: (TechSmith Snagit) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik [2014-11-10]
CHR Extension: (SiteAdvisor) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-19]
CHR Extension: (AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-10]
CHR Extension: (Zillow) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2014-11-10]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-05-12]
CHR Extension: (Popup Blocker Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-05-31]
CHR Extension: (Turn Off the Lights) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-11-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-17]
CHR Extension: (Facebook AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-11-10]
CHR Extension: (Google Wallet) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Adblock Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-31]
CHR Extension: (Outlook.com) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-11-10]
CHR Extension: (IP4 Calculator) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pglhkpcfkalkpckfbdpngbaigmklcfmc [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]
CHR HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R2 ClickToRunSvc; d:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DisplayLinkService; D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
S3 fussvc; D:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S2 gupdate; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
S3 gupdatem; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iPod Service; D:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-07] (Apple Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; d:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-06-04] (McAfee, Inc.)
R2 McAPExe; d:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; d:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-01] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 osppsvc; d:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2014-03-30] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 Te.Service; D:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S3 TMachInfo; D:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [57216 2011-07-11] (TOSHIBA Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-05-29] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-19] (O2Micro )
S3 Tosrfcom; No ImagePath
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
S3 cpuz135; \??\C:\Users\Buchu70\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Ran by Buchu70 (administrator) on BUCHU70-PC on 17-06-2015 22:10:16
Running from G:\Desktop Drives\_NEW FILES_
Loaded Profiles: Buchu70 (Available Profiles: Buchu70 & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) D:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) D:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Epic Privacy Browser) C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
() C:\Program Files (x86)\DFX\DFX.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Microsoft Corporation) D:\Program Files\Windows Media Player\wmpnetwk.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [reminder] => C:\Program Files\TOSHIBA\TFMU\reminder.exe [657792 2009-10-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => d:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-07-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [DFX] => c:\Program Files (x86)\DFX\DFX.exe [1271768 2014-09-24] ()
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2015-05-10] (Epic Privacy Browser)
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\MountPoints2: {e5508088-3a9d-11e4-82f0-00231839d94e} - F:\iLinker.exe
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BootExecute: autocheck autochk * ᔃﷷ߾샠ү
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
SearchScopes: HKLM -> DefaultScope {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - d:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.facebook.com/index.php?lh=Ac_EL2AjWLVJDZQv|https://www.google.com/ncr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "type", 0
FF Plugin: @mcafee.com/MSC,version=10 -> d:\PROGRA~3\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> d:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MVT -> d:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> d:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Buchu70\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: d:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Buchu70\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\searchplugins\bingp.xml [2014-11-09]
FF Extension: Ads Removal - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\adremoveext@adremoveext.net [2014-08-20]
FF Extension: EPUBReader - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-23]
FF Extension: Translate This! - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-05-23]
FF Extension: Zoom Page - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\zoompage@DW-dev.xpi [2015-05-23]
FF Extension: Hotspot Shield Helper (Please allow this installation) - d:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2015-05-23]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - d:\Program Files (x86)\McAfee\SiteAdvisor [2015-06-17]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - d:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - d:\Program Files\McAfee\MSK [2015-06-17]
FF Extension: No Name - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-10]
CHR Extension: (Radio) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-11-10]
CHR Extension: (Google Docs) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-10]
CHR Extension: (Google Drive) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (World Clocks) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbpkeenmblnjdalaijgmkpmikifnegoh [2014-11-10]
CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-11-18]
CHR Extension: (YouTube) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Polarr Photo Editor 2) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2015-02-25]
CHR Extension: (Stitcher) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2014-11-10]
CHR Extension: (TechSmith Snagit) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik [2014-11-10]
CHR Extension: (SiteAdvisor) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-19]
CHR Extension: (AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-10]
CHR Extension: (Zillow) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2014-11-10]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-05-12]
CHR Extension: (Popup Blocker Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-05-31]
CHR Extension: (Turn Off the Lights) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-11-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-17]
CHR Extension: (Facebook AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-11-10]
CHR Extension: (Google Wallet) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Adblock Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-31]
CHR Extension: (Outlook.com) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-11-10]
CHR Extension: (IP4 Calculator) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pglhkpcfkalkpckfbdpngbaigmklcfmc [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]
CHR HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R2 ClickToRunSvc; d:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DisplayLinkService; D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
S3 fussvc; D:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S2 gupdate; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
S3 gupdatem; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iPod Service; D:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-07] (Apple Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; d:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-06-04] (McAfee, Inc.)
R2 McAPExe; d:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; d:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-01] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 osppsvc; d:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2014-03-30] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 Te.Service; D:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S3 TMachInfo; D:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [57216 2011-07-11] (TOSHIBA Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-05-29] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-19] (O2Micro )
S3 Tosrfcom; No ImagePath
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
S3 cpuz135; \??\C:\Users\Buchu70\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)